Page 126 - 2023-Vol19-Issue2
P. 126
122 | Rashid et al.
• The fast authentication of PDi is confirmed as below:
'' = h(PW Pi|| ShPDi || R'A)
PW Pi
= h(PW Pi|| ShPDi || g VA' )
Fig. 3. Login and authentication phases
• The body temperature sensor has the ability to obtain = h(PW Pi|| ShPDi ||RA)
the temperature of the patient and redirects the values
to the PDi based on the following conditions: '
– Normal: If the value of the temperature signal >= = PW Pi
36.5 and the temperature signal <= 37.2, the case
of the patient is normal, and then the result is sent The left side (PW ' ) is matched with the right side in
to PDi every 12 hours while the normal case is
continuous [8]. Pi
– Abnormal: If the value of the temperature signal the above proof. Therefore, the authentication phase is
is greater than 37.2, this result is sent to PDi di-
rectly. PDi observes the reaction of Pi and his verified from PDi to AS.
detailing with the warning message via PDi. If
the interaction of Pi is negative, PDi submits the • Providing Key Agreement and Key Freshness: The key
medical information of Pi to AS for the necessary
action to be taken. Then, AS retrieves the phone agreement depends on main components and secure pa-
numbers of the doctors and relatives of the patient
to tell them about their emergency. rameters <Si , PDi , AS , ShSi , ShPDi > in the proposed
scheme. The first one is connected with Si and PDi,
• Finally, (PDi) sends a medical report of the patient to where the secret key is ShSi . The second fold depends
AS at the end of the day. This report is saved in the on ShPDi used by components PDi and AS, and ShPDi
database of AS to be used by doctors or authors in the is generated once for each login request. The following
future.
steps illustrate the mechanism of generating a key:
– PDi generates an integer random number RA < q
and computes VA = gRA mod q.
– PDi sends EPDi = EncShPDi (VA) to AS.
– AS generates an integer random number RB <
'
q and computes VB = gRB mod q and E PDi =
IV. FORMAL ANALYSIS E ncShPDi (VB). Then, it sends <E ' > to AS.
PDi
A. Security Analysis
This work can enjoy several security features as follows. – PDi computes ShPDi = ShPDi (V ' B * RA).
Correctness – AS computes ShPDi = ShPDi (VA' * RB). Conse-
quently, the proposed scheme supports key fresh-
ness for each login session.
• The fast authentication of Si is proven below: • Providing Anonymity and Untraceability: Assume the
– PW 'Si is calculated based on decrypted ESi to ob- attacker (A˜ ) can capture the important parameters such
tain ri via secret key ShSi , so the password process Pi'
of a sensor Si is correct: as PW ' , PW in the communication channel between
Si
–
components. On the side of Si, employing the random
'
ri in the login message demand < IDSi, PW Si , ESi >
refers to the generation of the message one time for
PW ''Si = h (PW Si , ri) = PW ' each demand. ? faces difficulties to obtain (ri) from
Si
ESi .
– As a result, the authentication phase is proven On the other side, A˜ fails to trace or obtain a one-time
correct from Si to PDi. '
password between PDi and AS. In each login
PW Pi
